Application Security: Tools for Getting Management Support and Funding

Overview: Most security professionals understand the importance of finding and eliminating application vulnerabilities. Yet, based on the rate of exploitation of vulnerable websites, it appears that web application protections have been neglected, because of underfunding or lack of focus. Making the argument for better application security isn?t easy. Convincing management to spend on something as ethereal as security requires metrics and tools that demonstrate the efficiencies that secure web application management provides. This paper will provide tools and techniques that demonstrate the need for better application security and the appropriate level of investment.